package cn.yunhe.interceptor;

import java.util.Map;

import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.MethodFilterInterceptor;

public class PremitInterceptor extends MethodFilterInterceptor {

	protected String doIntercept(ActionInvocation invocation) throws Exception {
		ActionContext actionContext=invocation.getInvocationContext();
		String role= (String) actionContext.getSession().get("role");
		Map request=(Map) actionContext.get("request");
		//若果用户名为空
		if (role==null) {
			request.put("msg","用户名或密码错误,请<a href='login.jsp'>登录</a>");
			return "error";
		}else{//获得被拦截的Action的执行方法名
			String method=invocation.getProxy().getMethod().toLowerCase();
			//如果用户角色不是管理员，却执行了增删改操作
			if (!"admin".equals(role)&&(method.startsWith("add")||method.startsWith("update"))) {
				request.put("msg", "您不是管理员权限，无法进行增加修改工作,请<a href='javascript:history.go(-1)'>返回</a>");
				return "error";
			}
			
		}
		return invocation.invoke();
	}

}
